General

  • Target

    b35035bbd115f5f28813d27c854f5bf0N.exe

  • Size

    33KB

  • Sample

    240818-a2kv4awcpg

  • MD5

    b35035bbd115f5f28813d27c854f5bf0

  • SHA1

    14a3982401ea7bb7070763854fa3f26165b0364d

  • SHA256

    693219a75775769bc379b9179c3e7e87fe9058d9e10acf15372657a37df7f3f1

  • SHA512

    aaf62b99ad99ee085f62b172588354ba33abddc3bbf32c2d3e4c3211aa848fbe1de1631425074bb4178d2a77e9d77d0c0878f0f27ecf14f75a2655a144287b3b

  • SSDEEP

    768:tQbuQRy2UjmUndnlTttxDn+3jiSkjRY6AB7kKfYoJ+ifBEewzKO5/V:QuQRylaUDTDxDXjy6AB7koYy2T/

Malware Config

Targets

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open source packer.

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes IFEO (Image File Execution Options) entries.

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks